Health Apps, their Privacy Policies and the GDPR
The healthcare sector traditionally processes large amounts of personal data. Nowadays, medical practice increasingly uses information technologies, such as smartphone applications (‘apps’) and wearable devices (e.g. smart watches, smart soles), for treatment plans and information collection. It is inherent to these modern technologies that they generate even more personal data. Some of the apps are developed specifically for the healthcare sector, some are more general (health) apps. Within the European Union (EU), the processing of these personal data is regulated by the General Data Protection Regulation (GDPR), which entered into force on 25 May 2018. The GDPR provides controllers and processors with obligations and data subjects with rights. This paper analyses the marketing statements of app providers and the privacy policies of the apps in order to determine whether they are in line with each other and with the GDPR.